In their latest technology study »Cloud Monitor 2014«, BITKOM provide an acceptance indicator as to Cloud Computing for the third time now. It is getting more and more obvious that companies have increasing concerns as to Cloud security. Trust in the Cloud is dropping, that is, growth is diminishing, which is caused by “NSA Gate“ and the disclosures by Edward Snowden.

Inquiries within companies brought to light serious concerns. First of all, decision makers feel that their sensitive data in the Cloud are not protected in the event of a hacker attack. Another issue constitutes data loss. There is also legal uncertainty in terms of data protection and IT-security aspects. He, who decides in favor of the Cloud, obviously prefers Private Cloud. Sabine Kirchem (Cloud World) gives advice regarding more efficient data storage.

At the beginning, she picks up on a weak point. IT security can only be presented by someone very familiar with the subject. Often, this pre-condition is not given with companies, especially not if the company`s main business is focused on other issues than IT security. In most cases, Cloud users gain more competence, if they entrust in people providing “radical security checks“, well-engineered surveillance systems, network intranet between the different Cloud customers, and also firewalls, meaning a considerable measure of protection. Furthermore, it proves useful to reflect about access conditions. At that, keywords are “reflected passwords“, “checks“, and “encoding”.

Mrs. Kirchem also makes reference to already existing security certificates. Before you decide in favor of a particular Cloud provider, you should check on the corresponding security certificates. This pre-condition gets mostly fulfilled by private Clouds, whereas this is not always the case with Public Cloud providers. An accurate check is necessary when the contract is concluded. However, the requirements are bidirectional. Defining Cloud guidelines within your company is imperative in order to get ideal protection. A Service Level Agreement (SLA) with your provider may prove useful as well.

What many people actually do not know: reputable providers have by no means access to the storage data. Even administrators and services get no insight. In case there are concerns as to unauthorized data access, there is to say that the Cloud servers are located in Europe, thereby applying to European laws. Data Protection Directive RL 95/46/EG applies, defining a minimum standard as to data security in all EU countries.